2.7
CVSSv3

CVE-2020-6280

Published: 14/07/2020 Updated: 05/10/2022
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 2.7 | Impact Score: 1.4 | Exploitability Score: 1.2
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

sap abap platform 7.50

sap abap platform 7.40

sap abap platform 7.31

sap netweaver application server abap 750

sap netweaver application server abap 731

sap netweaver application server abap 740

Recent Articles

Old-school security hole perfect for worms and remote hijackings found lurking in Windows Server DNS code
The Register • Shaun Nichols in San Francisco • 15 Jul 2020

You'll want to patch that – and all these other bugs fixed by Microsoft, Oracle, Adobe, VMware, SAP, Google So kind of SAP NetWeaver to hand out admin accounts to anyone who can reach it. You'll want to patch this

Mega Patch Tuesday Microsoft on Tuesday patched a wormable hole in its Windows Server software that can be exploited remotely to completely commandeer the machine without any authorization. It was one of hundreds of security bugs squashed today by Redmond along with Oracle, Adobe, VMware, SAP and Google. Microsoft emitted fixes for 123 vulnerabilities in this month's Patch Tuesday batch. Some 18 of those CVE-listed security flaws are considered critical, meaning remote code execution (RCE) is po...